Original link: https://5ime.cn/wangdingcup-2022.html
There are many things to do at the beginning of school, and the time of Wangding and Guan’an coincide perfectly, and it is simple to paddle.
Crypto
crypto091
Xiao A mustered up the courage to ask the goddess for a phone number, but the goddess must test him. The goddess said she recently read a paper published at USENIX Security 2021, a top security conference, which found a vulnerability in Apple’s AirDrop airdrop feature, which could reveal the phone number and email address of the AirDrop initiator or recipient to strangers . After a lot of hard work, Xiao A obtained the hash value of the mobile phone number transmitted by the goddess mobile phone during AirDrop, but it will not go further. Can you continue to help him? Xiao A only remembered that the goddess mobile phone number was the first Unicom number in the 170th segment.
Hash: c22a563acc2a587afbfaaaa6d67bc6e628872b00bd7e998873881f7c6fdc62fc
flag format: flag{13-digit phone number (pure numbers, including country code)}
The联通number of the首批of numbers in the 170 segment of the key point, 13 digits and sha256
Direct script blasting
1 |
|
MISC
misc620
Blasting to get the password 99114514
After decompression, a sys_account.csv 7EqufFnrSGk= was found in sys_account.csv
After base64 to hex and then md5 decryption, the compressed package password nmy0612 is obtained
After decompressing flag.7z , I get a bunch of Korean… Use Text_Encoding_Brute_Force to enumerate to get flag
1 |
|
This article is reprinted from: https://5ime.cn/wangdingcup-2022.html
This site is for inclusion only, and the copyright belongs to the original author.